[Date Prev][Date Next]
Re: openldap 2.4.28 and "allow bind_v2"
> I have built and upgraded one of my openldap servers from 2.4.26 to 2.4.28
> (on RHEL release
> 5.7 x86_64) and with the identical configuration to my other servers, I am
> seeing the following
> messages in the slapd.log file:
> slapd: conn=115331 fd=263 ACCEPT from IP=X.X.X.X:51856
> slapd: conn=115331 op=0 do_extended: protocol version (2) too low
> slapd: conn=115331 op=0 DISCONNECT tag=120 err=2 text=requires
> slapd: conn=115331 fd=263 closed (operations error)
> I'm not seeing anything leaping out at me from the change log for
> 2.4.27/2.4.28 that indicates
> what I have gotten wrong that worked until now.
> As I said, I am running the same slapd.conf file on my 2.4.26
> installations and not seeing
> these failures there at all (and since I use an F5 load balancer, these
> connections are sprayed
> all across my pool of servers).
> Where should I start looking?
"do_extended" means an extended operation is being requested with protocol
version set to LDAPv2, and LDAPv2 has no notion of extended operations.
Can you track what operation is being requested?